Regarding to How do I expire a PHP session after 30 minutes?, I copied some code from the 2nd answer Simple way of PHP session expiry in 30 minutes. I'd like to combine login and information to 1 page and another page is logout.php here is my code.
homepage.php
if(isset($_POST["submitform"])){
$v1 = "admin";
$v2 = "admin";
$v3 = $_POST['username'];
$v4 = $_POST['password'];
if($v1 == $v3 && $v2 == $v4){
session_start();
$_SESSION['username'] = $v1;
$_SESSION['start'] = time(); // taking now logged in time
$_SESSION['expire'] = $_SESSION['start'] + (1* 30) ; // ending a session in 30 seconds
if(!isset($_SESSION['username'])){
echo "Please Login again <a href='logout.php'>Click Here to Login</a>";
}else{
$now = time(); // checking the time now when home page starts
if($now > $_SESSION['expire']){
session_destroy();
echo "Your session has expire ! <a href='logout.php'>Click Here to Login</a>";
}else{
echo "This should be expired in 1 min <a href='logout.php'>Click Here to Login</a>";
}
}
}else{
echo '
<form method="post">
<input type="text" name="username">
<input type="password" name="password">
<button type="submit" name="submitform">Sign in</button>
</form>';
echo '<font color="red">wrong password</font>"';
}
}else{
echo '
<form method="post">
<input type="text" name="username">
<input type="password" name="password">
<button type="submit" name="submitform">Sign in</button>
</form>';
}
?>
Logout.php
<?php
session_start();
session_destroy();
header('Location: homepage.php');
?>
I set session expire to 30 seconds, however I found the session doesn't expire as expected. The session never expire. I am wondering if i put session_start();
in a right place? Thanks